South Africa

Country

Reportedly Disruptive Cyberattack at Porsche South Africa’s Headquarters

February 19, 2023

Porsche South Africa’s headquarters in Johannesburg suffered a disruptive ransomware attack over the weekend, taking down several of the company’s systems and at least some backups.

MyBroadband news outlet in SA understands the attackers used a relatively new ransomware strain called Faust to encrypt the company’s files and lock it out of corporate systems. The news outlet contacted Porsche South Africa for further details about the incident, but it declined to comment — neither confirming nor denying the attack.

read more

Unknown Actor Targets South African Power Generator

March 8, 2023

Researchers have uncovered a suspected cyberattack targeting a power generator in southern Africa with a new variant of the SystemBC malware. The attack was carried out by an unknown hacker group in March of this year, according to a report by cybersecurity firm Kaspersky. The hackers used a Cobalt Strike tool and DroxiDat — a new variant of the SystemBC payload — to profile compromised systems and establish remote connections on the electric utility.

No ransomware was delivered to the organization, however.

read more

RansomHouse Gang Claims Attack on Largest Supermarket Chain in Africa

June 10, 2022

Shoprite has been hit by a ransomware attack. On June 10 the company disclosed that they suffered a security incident. RansomHouse, a ransomware gang, has claimed responsibility for the cyberattack, which compromised customer data in Eswatini, Namibia and Zambia. Shoprite said the data breach “included names and ID numbers but no financial information or bank account numbers.”

In messages posted on RansomHouse’s Telegram channel and seen by TechCrunch, the gang, which is said to be targeting companies with weak security, claimed to have obtained 600 gigabytes of data from Shoprite. It said to have collected personal data that was “in plain text/raw photos packed in archived files, completely unprotected.”

read more

Attacks Shuts South Africa Port Ops

July 22, 2021

Transnet, a state-owned South African rail, port and pipeline company, suffered a cyberattack July 22.and has been forced to halt operations. Transnet declared force majeure at 4 container terminals. Container shipment processing was delayed for 7 days. .

read more

Automated Antiaircraft Cannon Malfunctions, Kills 9, Wounds 14

January 1, 2007

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

read more

PC_SALITY.EN Virus Infects DCS Servers and Historians

January 1, 2009

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

read more

Chemical Company, Omnia Holdings, Suffered Cyber Attack

March 12, 2020

Chemical company, Omnia Holdings, suffered a cyber attack on its IT infrastructure, officials said.
Omnia Holding Limited is a holding company for a group of companies that produces and supplies fertilizer to the agricultural industry, explosives to the mining industry and industrial chemical products. The group’s operations are located in South Africa, Ghana, Kenya, Mauritius, Tanzania, Zimbabwe and Zambia. The company is listed on the Johannesburg Stock Exchange (JSE)
The company said it was alerted to abnormal activity on its network on March 12 and specialist teams promptly began investigating the incident.

read more